Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
File: dbRxTE9hvqBKAs-c9WOuE09HnIU.cer (raw, json)
Hash identifier: YIKS4tehjQb3viuPgauKLrgeXM1+VuMMYSATeixAzGY=
Subject key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: B1BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Wed 17 Apr 2024 01:16:53 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: IP: 43.254.152.0/22
IP: 45.252.8.0 -- 45.252.51.255
IP: 45.252.84.0/22
IP: 45.252.100.0/22
IP: 45.252.132.0 -- 45.252.139.255
IP: 45.252.144.0/22
IP: 59.153.168.0 -- 59.153.195.255
IP: 103.5.192.0/22
IP: 103.6.108.0/22
IP: 103.6.228.0/22
IP: 103.10.0.0/22
IP: 103.24.116.0/22
IP: 103.198.216.0 -- 103.198.247.255
IP: 103.220.248.0 -- 103.221.51.255
IP: 103.221.92.0/22
IP: 150.242.236.0/22
IP: 202.57.216.0/22
IP: 202.58.112.0/22
IP: 202.89.96.0/22
IP: 202.89.108.0/22
IP: 202.136.248.0/22
IP: 202.174.124.0/22
IP: 2403:1b80::/32
IP: 2406:1e80::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 20 May 2024 05:56:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45502 (0xb1be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Apr 17 01:16:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:30:31:33:75:03:08:6f:1c:15:28:ca:54:13:
ef:d5:91:d3:db:2e:8e:a5:d3:36:f5:f3:ff:18:5f:
3f:06:19:2e:0d:44:81:ff:48:80:90:f1:b8:cd:0c:
18:39:3b:78:d4:7e:cc:b0:77:81:df:c7:5c:65:e6:
2a:3b:83:3a:c0:c2:98:0d:23:a6:fd:cd:c0:42:b5:
04:72:a8:d5:ce:29:a1:cc:0f:75:04:8e:89:22:73:
ed:c9:8e:03:74:ff:ed:d6:eb:8b:86:b0:dc:7a:13:
af:ba:43:c3:77:c4:ba:4b:9e:b0:f5:d3:a4:f1:15:
2f:01:f8:e5:1c:70:3d:94:e8:27:ee:eb:34:ab:00:
a8:6f:20:67:82:9b:d3:d0:a7:80:bd:e1:3a:05:52:
b7:9b:18:47:23:11:12:74:9c:15:7e:a7:a2:21:d8:
d1:26:e7:07:65:a1:cd:3f:7a:95:73:c9:58:b5:ce:
68:ed:32:49:c8:db:1f:5f:13:96:e9:c1:7f:a6:5e:
be:85:c1:fd:a1:d5:06:78:06:64:fb:ee:1b:0d:57:
10:ba:4f:bc:48:14:f1:7d:b4:fd:2b:ed:a4:f0:1d:
3c:6a:7b:d3:e7:72:61:fc:e5:b3:02:c7:ef:97:5a:
81:79:6e:c4:d8:f8:bc:a7:da:4d:91:49:3d:8f:24:
65:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/22
45.252.8.0-45.252.51.255
45.252.84.0/22
45.252.100.0/22
45.252.132.0-45.252.139.255
45.252.144.0/22
59.153.168.0-59.153.195.255
103.5.192.0/22
103.6.108.0/22
103.6.228.0/22
103.10.0.0/22
103.24.116.0/22
103.198.216.0-103.198.247.255
103.220.248.0-103.221.51.255
103.221.92.0/22
150.242.236.0/22
202.57.216.0/22
202.58.112.0/22
202.89.96.0/22
202.89.108.0/22
202.136.248.0/22
202.174.124.0/22
IPv6:
2403:1b80::/32
2406:1e80::/32
Signature Algorithm: sha256WithRSAEncryption
25:61:7c:17:5f:00:97:b9:79:03:6f:60:37:b9:27:6a:4d:13:
b6:0e:e6:e7:25:cc:fc:0f:ec:a4:32:23:93:97:9c:d3:da:e9:
7e:66:c6:7d:34:64:db:00:4b:f1:a9:16:3c:97:50:c4:d4:ab:
9a:40:ca:1d:c0:c5:12:9f:48:7a:ca:e4:a5:b4:f7:b1:6e:18:
74:31:df:cd:e7:33:66:12:73:d4:d5:96:1d:14:14:99:74:2c:
4c:a7:f3:9a:38:b2:6d:7c:7c:22:f5:64:c9:47:fe:10:ec:9c:
17:7e:c7:64:6d:c3:6e:b0:62:43:95:88:be:67:1d:51:58:79:
10:69:46:2e:ad:8d:29:1f:e8:be:a2:d5:33:96:4c:9a:de:44:
7e:80:65:36:21:69:6c:c0:df:28:b2:60:9f:39:0c:96:76:2c:
53:dc:af:c0:86:cb:0c:29:6d:e9:ac:c4:c4:f3:7e:7b:88:09:
69:a8:63:07:2e:d7:47:5c:9f:6f:71:5b:53:ba:b2:4a:c3:d1:
51:a4:39:64:b0:89:fe:8a:d9:d7:e7:7c:cc:44:6a:db:0d:f0:
cd:0e:18:e7:ad:b5:e0:ab:42:b1:44:9f:d1:4a:8b:93:3e:e5:
0c:df:8c:e7:ff:45:50:2c:a8:8f:68:b6:88:3d:61:56:64:17:
df:37:7b:d4
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgIDALG+MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA0MTcwMTE2NTNaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDc1QjQ3MTRDNEY2MUJFQTA0QTAyQ0Y5Q0Y1NjNBRTEzNEY0NzlD
ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfMDEzdQMIbxwVKMpU
E+/VkdPbLo6l0zb18/8YXz8GGS4NRIH/SICQ8bjNDBg5O3jUfsywd4Hfx1xl5io7
gzrAwpgNI6b9zcBCtQRyqNXOKaHMD3UEjokic+3JjgN0/+3W64uGsNx6E6+6Q8N3
xLpLnrD106TxFS8B+OUccD2U6Cfu6zSrAKhvIGeCm9PQp4C94ToFUrebGEcjERJ0
nBV+p6Ih2NEm5wdloc0/epVzyVi1zmjtMknI2x9fE5bpwX+mXr6Fwf2h1QZ4BmT7
7hsNVxC6T7xIFPF9tP0r7aTwHTxqe9PncmH85bMCx++XWoF5bsTY+Lyn2k2RST2P
JGUrAgMBAAGjggMUMIIDEDAdBgNVHQ4EFgQUdbRxTE9hvqBKAs+c9WOuE09HnIUw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzU3
Ny8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC81NzcvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDCB
3wYIKwYBBQUHAQcBAf8Egc8wgcwwgbMEAgABMIGsAwQCK/6YMAwDBAMt/AgDBAIt
/DADBAIt/FQDBAIt/GQwDAMEAi38hAMEAi38iAMEAi38kDAMAwQDO5moAwQCO5nA
AwQCZwXAAwQCZwZsAwQCZwbkAwQCZwoAAwQCZxh0MAwDBANnxtgDBANnxvAwDAME
A2fc+AMEAmfdMAMEAmfdXAMEApby7AMEAso52AMEAso6cAMEAspZYAMEAspZbAME
AsqI+AMEAsqufDAUBAIAAjAOAwUAJAMbgAMFACQGHoAwDQYJKoZIhvcNAQELBQAD
ggEBACVhfBdfAJe5eQNvYDe5J2pNE7YO5uclzPwP7KQyI5OXnNPa6X5mxn00ZNsA
S/GpFjyXUMTUq5pAyh3AxRKfSHrK5KW097FuGHQx383nM2YSc9TVlh0UFJl0LEyn
85o4sm18fCL1ZMlH/hDsnBd+x2Rtw26wYkOViL5nHVFYeRBpRi6tjSkf6L6i1TOW
TJreRH6AZTYhaWzA3yiyYJ85DJZ2LFPcr8CGywwpbemsxMTzfnuICWmoYwcu10dc
n29xW1O6skrD0VGkOWSwif6K2dfnfMxEatsN8M0OGOetteCrQrFEn9FKi5M+5Qzf
jOf/RVAsqI9otog9YVZkF983e9Q=
-----END CERTIFICATE-----
Generated at Mon May 20 00:17:34 2024 by rpki-client on console-fra.rpki-client.org